From owner-freebsd-questions@FreeBSD.ORG Mon Feb 21 12:24:44 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A12E416A4CE for ; Mon, 21 Feb 2005 12:24:44 +0000 (GMT) Received: from hosea.tallye.com (joel.tallye.com [216.99.199.78]) by mx1.FreeBSD.org (Postfix) with ESMTP id C78EA43D1D for ; Mon, 21 Feb 2005 12:24:43 +0000 (GMT) (envelope-from lorenl@alzatex.com) Received: from hosea.tallye.com (hosea.tallye.com [127.0.0.1]) by hosea.tallye.com (8.12.8/8.12.10) with ESMTP id j1LCOgXq009118 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 21 Feb 2005 04:24:43 -0800 Received: (from sttng359@localhost) by hosea.tallye.com (8.12.8/8.12.10/Submit) id j1LCOg8L009116; Mon, 21 Feb 2005 04:24:42 -0800 X-Authentication-Warning: hosea.tallye.com: sttng359 set sender to lorenl@alzatex.com using -f Date: Mon, 21 Feb 2005 04:24:42 -0800 From: "Loren M. Lang" To: Christopher Rued Message-ID: <20050221122442.GH4471@alzatex.com> References: <42127FB5.6040807@xsb.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <42127FB5.6040807@xsb.com> User-Agent: Mutt/1.4.1i X-GPG-Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc X-GPG-Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C cc: questions@freebsd.org Subject: Re: Racoon without compression X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Feb 2005 12:24:44 -0000 On Tue, Feb 15, 2005 at 06:03:17PM -0500, Christopher Rued wrote: > Hi all, > > I'm trying to set up a VPN connection to a NetScreen VPN using racoon. > I configured all of the settings (I think) to match those specified on > the NetScreen, except for compression_algorithm. > > The only option for compression_algorithm given to me by racoon is > deflate. The NetScreen VPN is configured with "Compression: None". > > Am I out of luck here? No, compression is not needed for IPSec. The only compression algorithm racoon supports is defate, but that doesn't mean it won't run without compression. The settings in /etc/ipsec.conf are what tell FreeBSD's IPSec to use or not use compression. ESP is an encryption layer that you can enable in ipsec.conf and IPComp is a compression layer, if you only setup ESP then no compression takes place. > > Please be sure to inclue me on any replies, as I am not subscibed to the > list. > > TIA > > --Chris > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C